Thoughts on the #amdflaws stuff: most of the attacks described appear to require some level of privileged access (and possibly physical access in one case), which will lead to people writing it off as entirely overhyped. This is a mistake.
— Matthew Garrett (@mjg59) March 13, 2018
So this https://t.co/vYktqat10K business… CTS Labs asked us to review their research last week, and sent us a full technical report with PoC exploit code for each set of bugs.
— Dan Guido (@dguido) March 13, 2018
This! Vulns are overhyped, paper is garbage, authors are PR seeking clowns https://t.co/aXaKk13jiR
— Dmytro Oleksiuk (@d_olex) March 14, 2018
First read of the AMDFLAWS whitepaper (no real technical details given) is: “over-hyped beyond belief”.
This is a whitepaper worthy of an ICO.
And yes, that is meant to be an insult.
— Arrigo Triulzi (@cynicalsecurity) March 13, 2018
While vulns in PSP firmware are bad enough (impacts fTPM, SEV, BIOS secure boot), no one is asking why compromising PSP allows bypassing Win10 VSM (read “IOMMU”) and SMM (read “SMRAM memory controller protections”).
— Yuriy Bulygin (@c7zero) March 13, 2018
This likely indicates that PSP can modify memory map protections and IOMMU config
— Yuriy Bulygin (@c7zero) March 13, 2018
While vulns in PSP firmware are bad enough (impacts fTPM, SEV, BIOS secure boot), no one is asking why compromising PSP allows bypassing Win10 VSM (read “IOMMU”) and SMM (read “SMRAM memory controller protections”).
— Yuriy Bulygin (@c7zero) March 13, 2018
what idiot called it amdflaws and not EPYCfailhttps://t.co/y4zEt1o67H
— cron mom (@sophaskins) March 13, 2018
Most of AMD vulns from amdflaws has the same impact as any other SMM issues. The interesting one is code execution on Secure Processor. But looks like it's related to fTPM issue with the same impact (https://t.co/zlyAiPx0XJ). Also on ASUS hardware BIOS security is always broken.
— Alex Matrosov (@matrosov) March 13, 2018
Note: there will be no “second read” of the AMDFLAWS whitepaper because none is required.
It is a phishing document to lure small traders.
— Arrigo Triulzi (@cynicalsecurity) March 13, 2018
New professions for 2018: “Vulnerability Website Manager”
“Vulnerability Hyper”
“Short-seller Relationship Manager”
“Vulnerability Disclaimer Creator”
“Sherlock-based Vulnerability Researcher”— Arrigo Triulzi (@cynicalsecurity) March 13, 2018
Folks, the CTS lawyers are out… “they are not statements of fact”.
So, are they vulnerabilities or not?
If they are not statements of fact they are fiction. https://t.co/KLyhvX5kvp
— Arrigo Triulzi (@cynicalsecurity) March 13, 2018